Everyone likes something for free. And there is no better place to go to get free analysis, intelligence and tools than The Armory on M-Unition. During the past year, we’ve offered intelligence and analysis on new threat activity, sponsored open source projects and offered insight on free tools like Redline™, all of which has been highlighted on our blog.

The Back to Basics: OpenIOC blog series previously discussed how Indicators of Compromise (IOCs) can be used to codify information about malware or utilities and describe an attacker’s methodology. Also touched on were the parts of an IOC, such as the metadata, references, and definition sections.

One challenge investigators face during incident response is finding a way to organize information about an attacker’s activity, utilities, malware and other indicators of compromise, called IOCs. The OpenIOC format addresses this challenge head-on.

With the buzz in the security industry this year about sharing threat intelligence, it’s easy to get caught up in the hype, and believe that proper, effective sharing of Indicators or Intelligence is something that can just be purchased along with goods or services from any security vendor.

Over the next few months, a few of my colleagues and I will be touching on various topics related to Mandiant and computer security. As part of this series, we are going to be talking about OpenIOC – how we got where we are today, how to make and use IOCs, and the future of OpenIOC.

We’re growing fast, but we’re as demanding as ever. Our clients come to us in their hours of need, so we need the best. That means more than just the right education and the right experience in information security.

As Mandiant continues to grow, we are able to offer certain positions in multiple locations. For details on the location(s) of each opening, please refer to the position descriptions.